There are two primary components involved in securing a Web Service method:

NucleusSecurityManager

At startup time, the NucleusSecurityManager retrieves the repository items from the NucleusSecurityRepository (described below) and creates an internal mapping between each functional name and the SecurityPolicy component and ACL associated with it.

When a client calls a Web Service, the service invokes the hasAccess() method on the /atg/webservice/security/NucleusSecurityManager component, passing it the functional name of the service’s security configuration, the name of the Nucleus component and method exposed by the service, and a Map containing the method’s parameters. The NucleusSecurityManager uses the functional name to find the associated SecurityPolicy component and ACL, applies them to the call, and returns the result (true or false) to the client. If true is returned, the Nucleus method exposed by the Web Service is invoked; if false is returned, access to the method is denied, and an exception of class atg.security.SecurityException is thrown.

If the NucleusSecurityManager is unable to apply the security configuration to a Web Service call (for example, if the SecurityPolicy is not valid), it determines whether to grant access based on the value of its defaultGrantAccess property. The default value of this property is false (deny access).

Setting defaultGrantAccess to true facilitates the development process, because it allows any Web Service that does not have an associated security configuration to be called by any client.

For deployment purposes, though, this behavior is undesirable because of the security risks involved. Therefore, when you enable liveconfig settings for the Oracle ATG Web Commerce platform, the defaultGrantAccess property is set to false. As a consequence, each of your Web Services must have an associated security configuration, because any call to a service without one will fail.

For information about enabling liveconfig settings, see the ATG Installation and Configuration Guide.
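A pre-deployment check for the concern described above, added here as an example and not taken from the ATG documentation or product code: it looks for the NucleusSecurityManager component's properties file under a list of configuration directories and reports whether defaultGrantAccess ends up true. The `.properties` file name, the rule that a later directory overrides an earlier one, and the sample directory names are assumptions of this example.

```python
import re
import tempfile
from pathlib import Path

# Component path and property name come from the page; the ".properties" file
# name and the ordered list of configuration roots are assumptions.
COMPONENT_FILE = "atg/webservice/security/NucleusSecurityManager.properties"
SETTING = re.compile(r"^\s*defaultGrantAccess\s*[=:]\s*(\S+)\s*$")
# Constructed sample layers (directory name, file content); not real ATG files.
SAMPLE_LAYERS = (("devconfig", "# constructed sample\ndefaultGrantAccess=true\n"),
                 ("liveconfig", "defaultGrantAccess = false\n"))


def read_default_grant_access(path):
    """Return True/False if the file sets defaultGrantAccess, else None."""
    value = None
    for line in Path(path).read_text(encoding="utf-8", errors="replace").splitlines():
        match = SETTING.match(line)
        if match:  # a later assignment in the same file replaces an earlier one
            value = match.group(1).lower() == "true"
    return value


def audit_config_roots(roots):
    """Audit roots listed lowest priority first; return (findings, effective)."""
    findings, effective = [], False  # False (deny) is the documented default
    for root in roots:
        path = Path(root) / COMPONENT_FILE
        value = read_default_grant_access(path) if path.is_file() else None
        if value is not None:
            findings.append((str(path), value))
            effective = value  # assumption: a later root overrides earlier ones
    return findings, effective


def run_constructed_sample(layers=SAMPLE_LAYERS):
    """Write the constructed layers to a temp dir, audit them, return the values."""
    with tempfile.TemporaryDirectory() as tmp:
        roots = []
        for name, text in layers:
            target = Path(tmp) / name / COMPONENT_FILE
            target.parent.mkdir(parents=True)
            target.write_text(text, encoding="utf-8")
            roots.append(Path(tmp) / name)
        findings, effective = audit_config_roots(roots)
        return [value for _, value in findings], effective
```

An effective value of True in a deployment build means a Web Service without a security configuration can be called by any client, so treat it as a release blocker.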

NucleusSecurityRepository

Web Service security configurations are stored in the NucleusSecurityRepository. This repository includes a single item descriptor called nucleusSecurity, which has properties called functionalName, policy, and ACL. The NucleusSecurityManager parses the items in this repository at startup time.

The Web Services Administration interface provides an easy way to add new security configurations to this repository. See the next section for details.